Head of Risk Management

B.Grimm

Thailand

Fresher

Save

Posted 8 hours ago
Be among the first 10 applicants

Early Applicant

Job Description

Summary

The Head of Risk Management is responsible for leading and institutionalizing the Enterprise Risk Management (ERM) framework across the organization. This role ensures that risk governance, strategic risk oversight, and risk culture are embedded into business decision-making, project development, and corporate sustainability initiatives.

The position reports to the Risk Management Committee and provides independent risk oversight to the Management Committee, Audit Committee, and Board of Directors.

1. Enterprise Risk Management (ERM) Leadership Strategic Priority

ERM Framework & Governance

Lead the development, implementation, and continuous improvement of the Enterprise Risk Management (ERM) framework aligned with COSO ERM principles.
Ensure risk management is embedded into corporate strategy, capital allocation, project development, and operational planning.
Establish risk appetite, risk tolerance, and risk governance structure in collaboration with senior management.

Risk Identification & Strategic Risk Mapping

Facilitate enterprise-wide risk identification covering strategic, financial, operational, compliance, ESG, and reputational risks.
Support Management Committee, Project Directors, and Business Development teams in identifying and mapping project-specific and business risks.
Maintain and update the Corporate Risk Register and Risk Heat Map.

Risk Assessment & Internal Control Integration

Lead risk assessment exercises and ensure alignment with COSO Enterprise Risk Management standards.
Develop and monitor internal control plans based on risk prioritization.
Strengthen risk-based decision-making and investment evaluation processes.

Risk Mitigation & Action Governance

Ensure all major and critical risks have clearly defined mitigation plans and accountable risk owners.
Review adequacy of risk treatment plans and escalate material risks to Management Committee and Board as required.
Monitor mitigation progress and ensure timely closure of risk actions.

Risk Monitoring & Reporting

Prepare consolidated risk reports for Risk Management Committee, Audit Committee, and Board of Directors.
Provide forward-looking risk insights and emerging risk analysis.
Develop risk dashboards and key risk indicators (KRIs).

2. Business Continuity & Crisis Preparedness

Lead the development and continuous improvement of the Business Continuity Plan (BCP).
Coordinate with consultants, process owners, and risk owners to establish scenario-based risk impact prioritization.
Conduct BCP testing and crisis simulation exercises.

3. Risk Advisory & Risk Culture

Strategic Risk Advisory

Provide independent risk advisory to senior management on major investments, new projects, and strategic initiatives.
Participate in key governance meetings to provide risk perspectives.

Risk Education & Awareness

Promote strong risk culture across the organization.
Organize risk training workshops and awareness programs.
Strengthen risk ownership mindset among management and staff.

4. Risk Governance Coordination

Coordinate with Risk Champions and Risk Coordinators across business units.
Ensure consistent implementation of the ERM framework throughout the organization.
Support Risk Management Committee governance processes and documentation.

5. Compliance & Sustainability Risk Integration

PDPA (Personal Data Protection Act)